Auditing is the key tool for the control and supervision of companies and their activity. In the cryptocurrency industry, searching for errors and fraud in the code of protocols and smart contracts, and evaluating the project development team, is essential to the transparency and security needed for mass adoption of applications built on the Cardano blockchain.
SCATDAO is an open and (currently) partially decentralized platform for the Cardano community to organize audits, share research and discuss projects.
A few months ago I published an article about this platform (1).
The Fund10 proposal was presented in the category ‘OSDE: Open Source Dev Ecosystem’.
Its first objective is to offer the Cardano ecosystem a decentralized audit and social media platform; its second is to make that platform one of the most useful and most used resources in the ecosystem.
The project will be fully open source: https://github.com/SCATDAO
The development presents a Minimum Viable Product with the first version of the platform already built: https://auditocean.com/.
AuditOcean is a blockchain community space designed for research and project auditing, where the community decides through its voting power which projects should be audited, adding them through the public repository DYOR Tool.
DYOR Tool guides the user through different evaluation points to produce reports agreed on by the community and held to the same standards. Its extensive catalog of reports on the different DApps, tokens and NFTs within Cardano receives approximately 6,000 unique visitors per month.
There are several aspects of the platform that are still centralized, and the main objective and purpose of this proposal is to fully decentralize the platform, since with a decentralized auditing system, possible points of corruption can be eliminated.
The platform team’s main mission is to create fundamental analysis reports, following an outline of advanced research questions, and technical vulnerability analysis reports for Plutus smart contracts.
To this end, the platform runs rounds in which the projects chosen by the community are audited. Each round is a synchronous process of four stages: Pending, Selection, Governance, and Auditing. A stage cannot start until the previous stage has finished; the transitions are sequential, not parallel.
During the Selection stage, AuditOcean users select the projects they want and put them to a poll on an external governance platform called the Summon platform. This setup is hybrid off-chain/on-chain: selection votes are created as documents in a centralized Mongo database, so the community cannot directly audit whether this process behaves correctly.
Once the Selection phase is complete, a poll is created on the Summon platform, where the community can directly audit the transactions on the blockchain.
The developers believe the best auditability is achieved by transforming the Selection stage so that users vote with their wallets in the AuditOcean UI.
Auditor assignment can be a point of vulnerability if it is done centrally on private servers, so a decentralized assignment algorithm is the best option. The team believes that the logic required for a fair allocation among all auditors is not very complex, using a Haskell version of the Fisher-Yates algorithm.
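To show what makes such an assignment auditable, here is an added Python example (not SCATDAO's code and not the Haskell version the proposal mentions) of a Fisher-Yates shuffle whose random draws come from a public seed, so anyone can recompute the result. The seed source, the SHA-256 counter stream, the round-robin mapping and all names are assumptions made for illustration.

```python
import hashlib

def uniform_below(seed: bytes, counter: int, n: int):
    """Draw an unbiased integer in [0, n) from a SHA-256 counter stream.

    Returns (value, next_counter). Draws that would cause modulo bias
    are rejected and the next counter value is tried.
    """
    limit = (2**64 // n) * n  # largest multiple of n that fits in 64 bits
    while True:
        block = hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
        x = int.from_bytes(block[:8], "big")
        if x < limit:
            return x % n, counter

def fisher_yates(items, seed: bytes):
    """Deterministic Fisher-Yates shuffle: same seed and items, same order."""
    out = sorted(items)  # canonical order: submission order cannot steer the result
    counter = 0
    for i in range(len(out) - 1, 0, -1):
        j, counter = uniform_below(seed, counter, i + 1)
        out[i], out[j] = out[j], out[i]
    return out

def assign_auditors(auditors, projects, seed: bytes):
    """Map each project to an auditor, cycling through the shuffled auditors."""
    if not auditors or len(set(auditors)) != len(auditors):
        raise ValueError("auditor list must be non-empty and free of duplicates")
    order = fisher_yates(auditors, seed)
    return {p: order[k % len(order)] for k, p in enumerate(sorted(projects))}

def verify_assignment(published, auditors, projects, seed: bytes) -> bool:
    """Recompute the assignment from public inputs and compare."""
    return published == assign_auditors(auditors, projects, seed)

if __name__ == "__main__":
    # Constructed sample data; the seed stands in for a value fixed before the round.
    seed = hashlib.sha256(b"constructed-round-seed").digest()
    auditors = ["alice", "bob", "carol", "dave"]
    projects = ["project-a", "project-b", "project-c"]
    published = assign_auditors(auditors, projects, seed)
    print(published, verify_assignment(published, auditors, projects, seed))
```

The fairness of the result depends on the seed being fixed before the auditor list is known and outside the control of whoever runs the assignment.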
The audit report and its respective review are two different, but necessarily related, resources that together make up a complete audit report. To guarantee the immutability of their content, they need to be minted as non-fungible assets. This can be done automatically with a smart contract, triggered from the backend integration at the end of the Audit stage, so that one NFT (Non-Fungible Token) is sent to the wallet provided by the auditor, another to the reviewer’s wallet, and another is stored in the DAO wallet.
The Key Metrics
- Increase the number and quality of open source projects
- Increase the number of open source tools and frameworks
- Increase the number of open source contributors and maintainers
- Increase the visibility of open source projects
- Increase collaboration within and outside the ecosystem
- Improve adoption of Cardano technology
- Improve integrations and interoperability between projects
- Improve documentation of open source projects
The list of Key Performance Indicators (KPI) for the first 6 months covered by this proposal is:
- Number of monthly Catalyst progress reports submitted on time
- Number of milestones completed in the calendar
- Number of AuditOcean accounts created
- The goal is 200 accounts in the first 6 months.
- Number of expert reports voted on by the community and created
- Number of positions created in AuditOcean
- Number of Medium articles written
- Number of YouTube videos created
Step 1 is applicable to this proposal, and the other steps will be submitted for funding in future rounds of Catalyst.
Step 1. Smart Contract for Audit Rounds, for the first 6 months:
- Milestone 1: Platform creation: Create code repository / Hire decencies / Configure Plutus SDK tools / Create State Machine / Types / Datum / State transition logic.
- Milestone 2: Platform creation: firstTriggerFunction / startRound endpoint / Param validation / nextTriggerFunction / Time based trigger
- Milestone 3: Platform creation: Bug fixes / Quality review / Code reform / Deployment test / Property based tests / Unit tests.
Step 2. Governance System (Plutus)
Step 3. Contract Backend Integration
Step 4. Assignment of Auditors (Plutus)
For ‘Design and engineering of smart contracts for audit rounds’, USD 2,600 per month was budgeted, totaling USD 15,600 in 6 months.
For ‘General management of the project’, USD 500 per month was budgeted, totaling USD 3,000 in 6 months.
For ‘Server cost’, USD 200 per month was budgeted, totaling USD 1,200 in 6 months.
For ‘Content Creation’, USD 1,000 per month was budgeted, totaling USD 6,000 in 6 months.
For ‘Content moderation’, USD 100 per month per person was budgeted, totaling USD 500 per month and USD 3,000 in 6 months.
For ‘Promotion/Advertising’, USD 600 per month was budgeted, totaling USD 3,600 in 6 months.
Total budget: USD 32,400
Price per ADA: USD 0.28
Total Requested = ₳ 115,714
The founder is Eric Helms. He is a Certified Public Accountant who has spent the last 10 years working in Corporate Audit from both the public and private side. He is currently a Veteran Community Advisor for Project Catalyst and is proud to be a member of the Cardano ecosystem.
Eric wrote all of the content for the first version of the DYOR Tool, and has written a large majority of the articles on Medium.
The team is made up of 6 people, with 2 members working on the project full-time developing and creating content, 2 members working part-time, and 2 working as moderators part-time. One of the members is Colombian, another is European, and the rest are from the US. You can see them here.
LiberLion: You are an accountant by profession, but auditing is not the only branch of the profession; tax settlement is a more popular specialty in the profession. What motivated you to become an accounting auditor?
Eric: Very interesting question. Back when I was in University and gearing up to enter public accounting, we had to choose which we would want to work in. As you mentioned, that would be audit or tax. Working in audit as a CPA is a very collaborative effort. You are part of a team and the team breaks down all the different tasks and works on them together to get the job done. It is very collaborative and requires not only accounting and audit skills but also other soft skills such as being able to interview clients, present information effectively, manage client expectations as well as your bosses, etc. This is contrasted with tax which is usually more individual. You have your returns and you bang them out as best you can. For my personality type and skill set, I preferred the more collaborative team environment that was client facing and helps develop those other soft skills. Also, if you go into tax it usually prepares you for a long and fruitful career in tax without many other opportunities. If you go into Audit, you usually have the opportunity to roll off after getting promoted to senior and going into several other fields like FP&A, Compliance, Corporate Finance, or several others. I knew going in I did not want to spend my entire career in Corporate Audit (or tax) so that was the best option for me.
LiberLion: What do you consider to be the main objective in blockchain auditing?
Eric: I would say the main objective for any audit, whether it is blockchain or financial statements, is to verify information. Typically someone is making an assertion like “my financial statements are free from material misstatements” or “my code will operate as advertised”. The general public usually does not trust the people making those claims as there is a conflict of interest (the person saying they are good is the person who made them). So you have an independent expert come in and attest that they have reviewed whatever the person is asserting and they believe it is correct. Since the auditor is meant to be an independent third party, people can usually trust that the assertion is correct. The problem here is that most of the time these auditors are not actually independent and are being paid by their boss to do this job. That was the primary reason for starting SCATDAO. To create a totally independent organization free from this bias so you can actually trust their results.
LiberLion: Why did you choose Cardano blockchain to build your platform?
Eric: When I first got into crypto my go-to was Ethereum. After paying over a hundred dollars for a swap I just couldn’t do it anymore and started looking for alternatives. I came across Cardano and liked what I saw. This was before we had smart contracts or native assets even, so there was not much that we could do here yet. But the focus on research, getting things right the first time, and decentralization was what ultimately made me want to build here. And then to be honest, without Project Catalyst we would not be here today. So very grateful that we have this at our disposal and appreciate the community for giving us a shot.
LiberLion: How will you manage the volatility of $ADA with the Fund10 reward payment in order to make the project profitable? (I have faith in your proposal!!!)
Eric: Thanks so much, really appreciate your faith and support. So this was the rationale that we included in the proposal for the ADA price. “We are using a price per ADA of .28 USD in our proposal. As of the time of writing it is currently at .287 on Coingecko. Looking at the price of ADA over the last 6 months we can see it range from .323 at the start, rallying to a high of .454, and seeing a low of .261 recently in June when the SEC created their lawsuit alleging that Coinbase was selling unregistered securities by selling ADA. As ADA has been in an overall downtrend since September 2021, we feel that using .28 is a fair conversion rate to the Cardano and Catalyst community as well as to our team that depends on the funding.
This proposal is for a 6 month period. So we looked at the ADA price over the last 6 months to try and get an idea of where we think it is heading. Of course none of us have a crystal ball and anything can happen, but we are towards the low end of where we have been so would be a bit surprised to drop considerably lower (although of course it is a possibility). Each month the ADA will be distributed as it is shown in the budget we provided in the proposal. If team members choose to hold the ADA they can, or they can convert to fiat or stable coin immediately. Anything that is budgeted for things like server cost would be converted each month, as we have been burned in the past by keeping it in ADA. But most importantly, everyone on our team understands the risks involved with price volatility. We have work and deliverables that were promised for a specific amount of ADA. Even if the price were to plummet, we are going to deliver the things that were promised in the proposal. It would be disappointing, but we are all capable of following through on these commitments regardless over the next 6 months.
LiberLion: What is SCATDAO’s business model to make the platform profitable over time?
Eric: To be honest, I don’t think that we would ever be profitable in what we do, and we are not really trying to be. The way I think about the work we do is critical infrastructure for a network to operate. In the corporate world, things like accounting work is considered a cost center which means it is crucial to the organization but it costs money vs makes it (profit center). And while most people aren’t fans of the cost centers and they certainly aren’t as sexy as the sales department, they are necessary for it to function. We could potentially charge clients for the types of services we do, but then as mentioned above, we are no longer an independent organization. We are now working for our boss and beholden to their wants and demands. We ran an ISPO a while back and had plans to use that to sustain ourselves, but there was not much interest. So for now we plan to rely on Catalyst and if the community finds value in what we are doing and building and wants to fund it, we will continue to do it.
You can read the original proposal at IdeaScale.